package {{packageName}}.shared.authentication.infrastructure.primary;

import static org.mockito.Mockito.*;

import java.util.HashMap;
import java.util.Map;
import org.springframework.boot.test.context.TestConfiguration;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Import;
import org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
import org.springframework.security.oauth2.jwt.JwtDecoder;

/**
 * This class allows you to run unit and integration tests without an IdP.
 */
@TestConfiguration
@Import(OAuth2Configuration.class)
public class TestSecurityConfiguration {

  @Bean
  ClientRegistration clientRegistration() {
    return clientRegistrationBuilder().build();
  }

  @Bean
  ClientRegistrationRepository clientRegistrationRepository(ClientRegistration clientRegistration) {
    return new InMemoryClientRegistrationRepository(clientRegistration);
  }

  private ClientRegistration.Builder clientRegistrationBuilder() {
    Map<String, Object> metadata = new HashMap<>();
    metadata.put("end_session_endpoint", "https://jhipster.org/logout");

    return ClientRegistration.withRegistrationId("oidc")
      .issuerUri("{baseUrl}")
      .redirectUri("{baseUrl}/{action}/oauth2/code/{registrationId}")
      .clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
      .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
      .scope("read:user")
      .authorizationUri("https://jhipster.org/login/oauth/authorize")
      .tokenUri("https://jhipster.org/login/oauth/access_token")
      .jwkSetUri("https://jhipster.org/oauth/jwk")
      .userInfoUri("https://api.jhipster.org/user")
      .providerConfigurationMetadata(metadata)
      .userNameAttributeName("id")
      .clientName("Client Name")
      .clientId("client-id")
      .clientSecret("client-secret");
  }

  @Bean
  JwtDecoder jwtDecoder() {
    return mock(JwtDecoder.class);
  }

  @Bean
  OAuth2AuthorizedClientService authorizedClientService(ClientRegistrationRepository clientRegistrationRepository) {
    return new InMemoryOAuth2AuthorizedClientService(clientRegistrationRepository);
  }
}
